What Is A Domain Name System (DNS)?
The Domain Name System, typically referred to as DNS, is like your mobile phone book. Every mobile phone is identified by a set of numbers, which gives you two ways to call someone: you can search for their name in your phone book, or you can dial the person's actual phone number. Similarly, on the world wide web each website is identified by a set of numbers known as the IP address. To visit a website, you can provide either the IP address or the domain name of the website.
Consider the DNS as the world wide web's version of a mobile phone book. It keeps a list of domain names with their matching IP addresses. However, the process behind retrieving the correct IP address is more complicated than looking up a name in a phone book.
Read the typical DNS process below:
1. Check if the data is in your computer's local cache
When you type a domain name into your browser, it first checks if the information is in your computer's local cache. If you've visited the website before, chances are that the matching IP address is in your local cache and your browser can immediately take you to the website. If not, the browser will send a DNS query to find the IP address.
2. If not, check if the data is in your Internet Provider's recursive DNS server
The DNS query is then forwarded to your internet provider's recursive DNS server to check if its cache has the information needed. If it's not there, a DNS query is made to the name servers of the TLD (top-level domain).
3. If all fails, check the TLD's name servers
For this purpose, domain names are read from right to left. The DNS query is first directed to the TLD's name servers for the extension, such as .COM for hello.com or .ME for blogging.me. Starting from the TLD name servers, the query is referred from one name server to the next until it reaches one that has the right information for that specific domain name.
4. Store the data in your Internet Provider's recursive DNS server
Once the information is retrieved, it is stored in the internet provider's recursive DNS server. This makes it easier for others to visit the same website in the future. Note that this data has an expiration date so the system can get the latest information next time.
5. Store the data in your computer's local cache
Lastly, the information is stored in your computer's local cache. Your browser then reads the IP address and takes you to the website. And you're done!
The DNS network has evolved from a simple concept of a phone book to a more dynamic and highly scalable system that involves a question/answer protocol. As the Internet continues to grow and the number of users increases, the question of security and reliability is becoming more important than ever before.
Here are a few things you can do to secure your DNS:
1. Make sure you're on an Anycast network
Most companies are moving away from Unicast to an Anycast networking methodology. An Anycast network allows incoming DNS queries to be routed to a variety of different locations instead of to a single location, which significantly increases the reliability of the DNS network. Even if one server is down, the DNS query can be processed by another server location. HEXONET's Premium DNS is on an Anycast network so that you don't have to worry about reliability issues.
2. Enable the DNSSEC feature
Given the number of steps involved in a typical DNS query lifecycle, it's no surprise that there may be security risks involved. Your DNS query can be hijacked by a malicious third party that redirects you to a different website. DNSSEC addresses this problem by digitally signing the DNS data for a domain so that resolvers can verify the authenticity of the data they receive. It authenticates the answers; it does not encrypt the queries. With HEXONET's recent improvements on DNSSEC, it's quick and easy to enable this amazing feature for your domain name via the Control Panel.
3. Keep track of your DNS network activities
It's important to monitor your DNS network activities to make sure your domain name is set up appropriately and to detect any traffic anomalies such as a DDoS attack. Each Premium DNS plan comes with our highly advanced data monitoring services and in-house analytics portal, with plans as low as $10 USD per year. Secure your DNS network today with HEXONET's affordable Premium DNS service.
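To make the DNSSEC point in item 2 concrete, here is an added example (not HEXONET's code) showing how a client asks for DNSSEC data and reads the resolver's verdict from the reply header. It goes beyond the text by using the standard EDNS0 DO bit and the AD (Authenticated Data) header flag; the transaction id 0x1234, the function names and the sample replies are constructed for illustration.

```python
import struct

# DNS header flag masks (RFC 1035; AD is defined by DNSSEC, RFC 4035)
QR, RD, AD = 0x8000, 0x0100, 0x0020

def encode_name(name):
    """Encode 'hello.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1, txid=0x1234):
    """Query for an A record with an EDNS0 OPT record that sets the DO bit."""
    header = struct.pack("!6H", txid, RD, 1, 0, 0, 1)  # 1 question, 1 additional
    question = encode_name(name) + struct.pack("!2H", qtype, 1)  # class IN
    # OPT: root name, type 41, class = UDP payload size, TTL field carries DO
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0x00008000, 0)
    return header + question + opt

def parse_header(msg):
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": txid, "response": bool(flags & QR), "ad": bool(flags & AD),
            "rcode": flags & 0x000F, "answers": answers}

def classify(query, reply):
    """What a client can conclude from the reply header alone."""
    q, r = parse_header(query), parse_header(reply)
    if not r["response"] or r["id"] != q["id"]:
        return "discard"       # not a reply to this query
    if r["rcode"] == 2:
        return "servfail"      # validating resolvers return this when signatures fail
    return "validated" if r["ad"] else "unvalidated"

# Constructed reply headers (not captured traffic): id, flags, four counts
SAMPLES = {
    "signed zone, validating resolver": bytes.fromhex("123481a00001000100000001"),
    "resolver did not validate":        bytes.fromhex("123481800001000100000000"),
    "signature check failed":           bytes.fromhex("123481820001000000000000"),
    "mismatched transaction id":        bytes.fromhex("999981a00001000100000001"),
}

if __name__ == "__main__":
    query = build_query("hello.com")
    for label, reply in SAMPLES.items():
        print("%-34s -> %s" % (label, classify(query, reply)))
```

The AD flag is the resolver's own claim, so it is meaningful only when the path between the client and that resolver is trusted. SERVFAIL can also have causes other than a failed signature check.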